Aggregator

来自东南大学的博士生雷重庆分享了他们提出的一套面向微控制单元（MCU）的外设硬件自动化模拟系统Perry。Perry通过收集硬件元数据、分析驱动代码、捕获外设访问轨迹，将软件行为转换为硬件行为，生成准

在发布开源模型 DeepSeek-R1 之后，因其出色的性能和低廉的成本，DeepSeek 引起了广泛关注，其应用“DeepSeek - AI Assistant（或 DeepSeek - AI 助手）”也迅速进入应用商店的排行榜前列。在苹果应用商店的美区和国区，DeepSeek 进入了免费应用排行榜的第一名。在 Google Play 应用商店，DeepSeek 排在免费生产力应用第二名。DeepSeek-R1 的推理性能接近 OpenAI-o1-1217，该公司研究人员也在预印本平台 arXiv 上发表论文，介绍了通过增强学习大幅提升大模型推理能力的方法。

登录 注册

A vulnerability, which was classified as critical, has been found in PHP up to 4.3.10/5.0.3. This issue affects the function pack. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2004-1018. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

本周聚焦AI驱动的威胁、医疗技术漏洞及法规更新，揭露Juniper路由器攻击、Mirai僵尸网络破纪录DDoS攻击等重大安全事件，警示企业加强防护。

A vulnerability, which was classified as critical, was found in Apple tvOS up to 12.1.2. Affected is an unknown function of the component Kernel. The manipulation leads to improper privilege management. This vulnerability is traded as CVE-2019-8514. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

ESXi ransomware attacks use SSH tunnels to avoid detectionThrea

Threat actors behind ESXi ransomware attacks target virtualized environments using SSH tunneling to avoid detection. Researchers at cybersecurity firm Sygnia warn that threat actors behind ESXi ransomware attacks target virtualized environments using SSH tunneling to avoid detection. Ransomware groups are exploiting unmonitored ESXi appliances to persist and access corporate networks. They use “living-off-the-land” techniques, leveraging […]

Jan 27, 2025HackerOne's co-founder, Michiel Prins walks us through thelatest new offensive security

Minister van Defensie Ruben Brekelmans heeft vandaag het rapport van de Commissie-Sorgdrager in ontvangst genomen. Deze onderzoekscommissie bekeek hoe het kon gebeuren dat door Nederlandse wapeninzet in Hawija in 2015 burgerslachtoffers vielen.

本次SUCTF主要提供了两道赛题（虽然被骂辣），但是还是分享一下出题思路，以及解题思路。本题主要是自定义linker加固so，然后还有一个ffi动态调用的，剩下的就是常见的约束求解了。

快来开启《CTF训练营-Web篇》的学习之旅吧！

看雪论坛作者ID：Shangwendada

春节快乐SPRING FESTIVAL欢迎来到《CTF训练营-Web篇》！随着互联网的普及与发展，网络安全也越发成为人们关注的焦点。而在网络安全中，Web安全无疑是其中的一个重点领域。该课程以CTF比

本次SUCTF主要提供了两道赛题，分享一下出题思路，以及解题思路。一SU_APP本题主要是自定义linker加固so，然后还有一个ffi动态调用的，剩下的就是常见的约束求解了。linker来自于ngi

A vulnerability was found in Chadha PHPKB Standard Multi-Language 9. It has been declared as critical. This vulnerability affects unknown code of the file admin/imagepaster/image-upload.php of the component image-upload. The manipulation as part of Directory leads to improper input validation. This vulnerability was named CVE-2020-10386. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in John Roy Pi3Web 1.0.1. It has been classified as critical. This affects an unknown part in the library tstisapi.dll of the component URL Handler. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2001-0302. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Первая гонка людей и машин скоро пройдет в Пекине.

DeepSeek遭遇大规模网络攻击，暂停新用户注册。现有用户仍可登录，但平台面临严峻网络安全挑战，凸显快速增长的AI平台易受攻击的风险。